<?php
session_start();
header('Content-Type: application/json');

if (!isset($_SESSION['user'])) {
    http_response_code(401);
    echo json_encode(['error' => '未登录']);
    exit;
}

require_once 'includes/functions.php';

$action = $_POST['action'] ?? $_GET['action'] ?? '';
$user_id = $_SESSION['user']['user_id'];

switch ($action) {
    case 'create_article':
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $title = trim($_POST['title'] ?? '');
            $content = trim($_POST['content'] ?? '');
            $status = trim($_POST['status'] ?? 'published');
            $category_id = intval($_POST['category_id'] ?? 0);
            
            if (empty($title) || empty($content)) {
                echo json_encode(['error' => '标题和内容不能为空']);
                exit;
            }
            
            if (!$category_id) {
                echo json_encode(['error' => '请选择分类']);
                exit;
            }
            
            $post_id = createArticle($user_id, $title, $content, $status, [$category_id]);
            if ($post_id) {
                echo json_encode(['success' => true, 'message' => '文章创建成功']);
            } else {
                echo json_encode(['error' => '文章创建失败']);
            }
        }
        break;
        
    case 'update_article':
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $post_id = intval($_POST['post_id'] ?? 0);
            $title = trim($_POST['title'] ?? '');
            $content = trim($_POST['content'] ?? '');
            $status = trim($_POST['status'] ?? 'published');
            $category_id = intval($_POST['category_id'] ?? 0);
            
            if (!$post_id || empty($title) || empty($content)) {
                echo json_encode(['error' => '参数错误']);
                exit;
            }
            
            if (!$category_id) {
                echo json_encode(['error' => '请选择分类']);
                exit;
            }
            
            if (!isArticleOwner($post_id, $user_id)) {
                echo json_encode(['error' => '无权限编辑此文章']);
                exit;
            }
            
            if (updateArticle($post_id, $title, $content, $status, [$category_id])) {
                echo json_encode(['success' => true, 'message' => '文章更新成功']);
            } else {
                echo json_encode(['error' => '文章更新失败']);
            }
        }
        break;
        
    case 'delete_article':
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $post_id = intval($_POST['post_id'] ?? 0);
            
            if (!$post_id) {
                echo json_encode(['error' => '参数错误']);
                exit;
            }
            
            if (!isArticleOwner($post_id, $user_id)) {
                echo json_encode(['error' => '无权限删除此文章']);
                exit;
            }
            
            if (deleteArticle($post_id)) {
                echo json_encode(['success' => true, 'message' => '文章删除成功']);
            } else {
                echo json_encode(['error' => '文章删除失败']);
            }
        }
        break;
        
    case 'update_profile':
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $display_name = trim($_POST['display_name'] ?? '');
            $email = trim($_POST['email'] ?? '');
            $bio = trim($_POST['bio'] ?? '');
            
            if (empty($display_name) || empty($email)) {
                echo json_encode(['error' => '显示名称和邮箱不能为空']);
                exit;
            }
            
            if (updateUserProfile($user_id, $display_name, $email, $bio)) {
                // 更新session中的用户信息
                $_SESSION['user']['display_name'] = $display_name;
                $_SESSION['user']['email'] = $email;
                echo json_encode(['success' => true, 'message' => '个人信息更新成功']);
            } else {
                echo json_encode(['error' => '个人信息更新失败']);
            }
        }
        break;
        
    case 'update_password':
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $current_password = $_POST['current_password'] ?? '';
            $new_password = $_POST['new_password'] ?? '';
            $confirm_password = $_POST['confirm_password'] ?? '';
            
            if (empty($current_password) || empty($new_password) || empty($confirm_password)) {
                echo json_encode(['error' => '所有密码字段都不能为空']);
                exit;
            }
            
            if ($new_password !== $confirm_password) {
                echo json_encode(['error' => '新密码和确认密码不匹配']);
                exit;
            }
            
            if (strlen($new_password) < 6) {
                echo json_encode(['error' => '新密码长度至少6位']);
                exit;
            }
            
            if (!verifyUserPassword($user_id, $current_password)) {
                echo json_encode(['error' => '当前密码错误']);
                exit;
            }
            
            if (updateUserPassword($user_id, $new_password)) {
                echo json_encode(['success' => true, 'message' => '密码修改成功']);
            } else {
                echo json_encode(['error' => '密码修改失败']);
            }
        }
        break;
        
    case 'get_user_stats':
        $stats = getArticleStats($user_id);
        echo json_encode(['success' => true, 'data' => $stats]);
        break;
        
    // 分类管理API
    case 'get_categories':
        $categories = getAllCategories();
        echo json_encode(['success' => true, 'data' => $categories]);
        break;
        
    case 'create_category':
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $name = trim($_POST['name'] ?? '');
            $description = trim($_POST['description'] ?? '');
            
            if (empty($name)) {
                echo json_encode(['error' => '分类名称不能为空']);
                exit;
            }
            
            if (createCategory($name, $description)) {
                echo json_encode(['success' => true, 'message' => '分类创建成功']);
            } else {
                echo json_encode(['error' => '分类创建失败']);
            }
        }
        break;
        
    case 'update_category':
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $category_id = intval($_POST['category_id'] ?? 0);
            $name = trim($_POST['name'] ?? '');
            $description = trim($_POST['description'] ?? '');
            
            if (!$category_id || empty($name)) {
                echo json_encode(['error' => '参数错误']);
                exit;
            }
            
            if (updateCategory($category_id, $name, $description)) {
                echo json_encode(['success' => true, 'message' => '分类更新成功']);
            } else {
                echo json_encode(['error' => '分类更新失败']);
            }
        }
        break;
        
    case 'delete_category':
        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            $category_id = intval($_POST['category_id'] ?? 0);
            
            if (!$category_id) {
                echo json_encode(['error' => '参数错误']);
                exit;
            }
            
            if (deleteCategory($category_id)) {
                echo json_encode(['success' => true, 'message' => '分类删除成功']);
            } else {
                echo json_encode(['error' => '分类删除失败']);
            }
        }
        break;
        
    case 'get_article_categories':
        $post_id = intval($_GET['post_id'] ?? 0);
        if ($post_id) {
            $categories = getArticleCategoryIds($post_id);
            echo json_encode(['success' => true, 'data' => $categories]);
        } else {
            echo json_encode(['error' => '参数错误']);
        }
        break;
        
    default:
        http_response_code(400);
        echo json_encode(['error' => '无效的操作']);
        break;
}
?> 